Blogi

Blogi | Insoft Services

KNOWING WHAT TO TEACH


The implementation of any IP infrastructure comes after months, or even years of planning and deliberation. Every step in the process is scrutinized down to the smallest detail before its set into motion. I’d like to bring up the other side of that operation: the knowledge needed to run the operations once everything is in place.

There is obviously already a great amount of experience within any organization who is considering a large scale implementation of any sort, but vendor specific expertise needs to be constantly updated and new arrivals to the team has to be given the exact skill set needed to do their part in the organism. This is where an Authorized Training Partner comes into the picture. With the help and guidance of people who are 100% dedicated to fulfilling training needs wherever they may arise, the identification and learning processes are guaranteed to be optimized and the enterprises can enjoy a full ROI on the infrastructure put in place.

This is the essential difference between an Authorized Learning Partner and those who are not. Delivering non-authorized training can never be as precise or as efficient because the information on the products themselves can never be acquired first-hand – from the vendor in question. It’s a matter of surrounding yourself with professionals and to be safe in the knowledge that everyone involved is a master of their specific area of expertise.

Knowing what to do is just as powerful as how to do it. It’s as simple as that. A training company that isn’t involved in the assessment process will invariably teach their students things they already know or things they don’t have a need for. As veterans in the Learning industry we acknowledge this as the most common pitfall for companies looking to acquire knowledge.

It’s thanks to this perspective that Insoft Services have reached its high level of customer satisfaction. Not only by delivering knowledge but more importantly the one that’s actually called for.

A CHANGE IS GONNA COME


The constant need for knowledge acquirement through technical training has always been an issue for all IT tech companies. This need is now going through a change that we’ve only seen the beginning of and which will amplify this need perhaps tenfold. The culprit spells rapid technological change. The times of having more or less the same data centre for 10 years are long gone. They now need to be constantly refitted. This is, in part, due to a change in demand.

Businesses and organizations have realized that they need to be much more elastic. Evolving constantly and changing with the times is paramount for survival in an environment that doesn’t forgive those who can’t deliver at par with the competition. The move to cloud based applications and the use of platform as a service (I/PaaS) systems or software as a service (SaaS) puts an ever increasing pressure on the IT experts to be on top of their game. In an ever-changing technical environment there’s no room for static knowledge that might be obsolete in a couple of years. Intelligent investments in training have to go alongside the technical outbreak that will change the playing field completely.

This need of new knowledge encompasses the entire IT organization – from the people making the critical decisions on how to setup your infrastructure to give it the utmost longevity down to the teams that will run it. It’s more important than ever to choose wisely – picking a suitable technical solution and pairing it with the relevant training.

Mistakes in this area will not only be costly – they will interrupt the smooth running and reliable up-time that a functioning IT infrastructure is supposed to supply.

DARK DDOS ATTACKS ON THE RISE


All reliable, serious sources when it comes to IT security talk about a massive rise when it comes to DDoS attacks in 2016. It will get worse than ever before. But that’s not all – they are getting more sinister as well. The so-called “Dark” DDoS attacks are knocking on the door, working as smoke screens while the true purpose of the attack – to steal sensitive information – can go by unnoticed. This is bad news for any business, except the odd brick-and-mortar company without any online presence.

The popularity these attacks have gained comes down to simple mathematics – they are relatively cheap to execute while at the same time causing enormous harm costing the victimized companies huge amounts. And the question we all need answered is “How do we get rid of these things?”

The somewhat disappointing answer is – We can’t. They will keep on coming: more forceful, more ingenious and more disastrous in their intentions. The thing we can do, however, is to be prepared. Redundancy, having the right network security solutions, constantly updating your infrastructure but most important of all – making sure the staff, the actual people handling the security tools, knows what they’re doing.

Without proper training your companies’ choice of network security solutions will, in the best-case scenario, not be optimally operated. Worst case? The malicious intruders will be doing the mazurka within your infrastructure until the cows come home.

We at Insoft Services believe that having properly trained personnel is by far the best line of defense against all the cyber threats we will face going into the future. Whether you’re using Cisco or Fortinet as a supplier for cyber security, we are here to make sure you’ll be 100% knowledgeable, and that you’re always making the wisest decisions on how to optimally run your equipment. Because that’s really what it boils down to – knowledge and experience. And that’s exactly what we’re here to provide.

Different threats to your IT infrastructure will come and go but the investments you make in your staff is for the long run. A proactive, skilled security team puts you ahead of the intruders and exploiters because your staff will know exactly what to look for and how to defend against it.

PHISHING SCAM AT SEAGATE TECHNOLOGIES


In a recent blog post by Brian Krebs, the topic of the day was the security scandal at Seagate Technologies and how, via a phishing scam, an employee was tricked into giving away sensitive information regarding tax information on all past and current employees. This unfortunate incident very well highlights what we at Insoft Services believe to be the biggest issue in modern day cyber warfare against malicious intruders – human error. The question on how to combat this is twofold. Minimizing access to the areas of the organization where access isn’t needed is certainly one important way to reduce the harm any employee can unwillingly do. But also – and this is where we would like to put the emphasis in this struggle – properly educated and trained staff.

A general network security mind-set is – or should be – paramount to any modern enterprise no matter what solution they’re going for. Having educated and informed personnel is very much the key to avoid incidents like the one at Seagate Technologies. We can see how phishing scams target people within the organization and in a sense by-passes all the technological barriers put in place by the people at IT security. This is exactly what tech companies need to keep in mind – sound investments in training is the most cost effective way to eliminate, or at least minimize, technological malicious threats targeted at their IT infrastructure.

Continuous in-house training with a constant focus on how to identify and deal with suspicious activities for ALL employees is the most important and fundamental way to battle these threats and keep your sensitive information well guarded. One common mistake that we see is neglecting the parts of your staff that is not, in a traditional sense at least, directly involved with IT security and infrastructure, leaving them open to be targeted by invaders with malicious intent. The old saying about the weakest link applies very well in this particular instance. Help your staff not being victimized like the poor soul at Seagate Technologies by training them. You just can’t afford not to.

MOVING TO THE CLOUD


If the cloud were a risk-free environment it would be a no-brainer – hardly any IT department would keep costly data centers or otherwise avoid the obvious benefits the migration to the cloud would entail.

We are, however, not there yet. And the idea of a risk free environment is in itself a utopian concept. That once again leaves us with the timeless task to compare, weigh risks vs. rewards and finally make our move. Or not.

In 2015 Quocirca published a survey in which they mapped the attitude towards the cloud in the UK market. The results show that the migration is well on its way, and will continue to be so. With the benefits pretty well documented we’re now left with the big x-factor of this paradigm shift – the calculated risks.

The fundamental problem is that you’re no longer the keeper of your information. Nobody will fight as vigilantly to keep you safe as you would. Steve Santorelli at Team Cymru put it like this: “No business is ever going to be as rabid about looking after your data as you would or should be. They are in the business of making money from you, after all. Securing your data sometimes becomes a marketing mantra more than a way of life”.

This then becomes a question of picking the most suitable cloud provider for your enterprise. But how can you, in a cloud-based environment, make in-house security improvements?

Having a cloud oriented IT department helps. As we always preach on Insoft, the training and education has to go hand-in-hand with the current technology employed. This will leave you less vulnerable during times of unexpected downtime of your cloud provider’s support and it will give you the knowledge needed to take care of smaller issues in-house. And perhaps most importantly – it will give your IT department a “security mind-set” that is in line with the new threats that a cloud based system will bring to the table.

In conclusion – migrating to the cloud will bring your organization amazing new possibilities with regards to mobility and productivity. But wise decisions is required through the entire process – from picking the right cloud provider to migrating the most beneficial segments of your organization and finally giving your in-house staff the sufficient skill-sets to play their part in the dramatic changes it will bring.